General

  • Target

    f9a0e18ccfc8d6e017c6d658544ba7c9c9138a9dc4d256aca2b824c9770eca8a

  • Size

    673KB

  • Sample

    230519-gjnycseb7w

  • MD5

    08215dde4129b7d76336f39fdd511a2e

  • SHA1

    3a8640882544c8d1ad79a0d99362ab46241bf43c

  • SHA256

    f9a0e18ccfc8d6e017c6d658544ba7c9c9138a9dc4d256aca2b824c9770eca8a

  • SHA512

    10144749286206abc9a193c60a323474a70aff1fdbb6ce957d36b4a11ee5c91641321e9877d475d99bccb1b5e680baaeb3ad243009db86c15a42d117d676bb41

  • SSDEEP

    6144:7iK/fTphszm59OXCWJIQyLNy1yGiGwpMhSz8yc0F6hRlYT8b6VwGWsZ9wa8bszpD:+ANhlDWd9YSrb6VTEa8bGfMwqA5v

Malware Config (Extracted)

  • Family

    redline

  • Botnet

    1300

  • C2

    45.15.166.130:44519

  • Attributes

    auth_value: 2e328604bf1317edc3d8daa89e0a03ec

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext
